CM-5 (1)

Configuration ManagementRev 5system

Automated Access Enforcement and Audit Records

Baselines:High

Control Statement

(a) Enforce access restrictions using [Assignment: automated mechanisms] ; and (b) Automatically generate audit records of the enforcement actions.

Supplemental Guidance

Organizations log system accesses associated with applying configuration changes to ensure that configuration change control is implemented and to support after-the-fact actions should organizations discover any unauthorized changes.

Related Controls (7)

AU-2 AU-6 AU-7 AU-12 CM-6 CM-11 SI-12

CCI Identifiers (6)

CCI-000346The organization employs automated mechanisms to enforce access restrictions.CCI-000347The organization employs automated mechanisms to support auditing of the enforcement actions.CCI-001813Enforce access restrictions using organization-defined mechanisms.CCI-001814The Information system supports auditing of the enforcement actions.CCI-003938Automatically generate audit records of the enforcement actions.CCI-003937Defines the automated mechanisms to enforce access restrictions.

Linked STIG Checks (200)

Across 95 STIGs. Click to expand.